Recon-ng basics: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
| Zeile 75: | Zeile 75: | ||
query <sql> database query returning one column of inputs | query <sql> database query returning one column of inputs | ||
| − | + | =set source= | |
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
[recon-ng][default][hackertarget] > set SOURCE suse.de | [recon-ng][default][hackertarget] > set SOURCE suse.de | ||
SOURCE => suse.de | SOURCE => suse.de | ||
| Zeile 144: | Zeile 118: | ||
[*] [host] relay-ext.suse.de (195.135.221.8) | [*] [host] relay-ext.suse.de (195.135.221.8) | ||
</pre> | </pre> | ||
| + | =Add API keys to recon-ng= | ||
| + | *[recon-ng][default]> keys add shodan_api xxxxxxxxxxxxxxxxxxxxx | ||
| − | + | =search shodan= | |
| − | + | *[recon-ng][default] > marketplace search shodan | |
| − | + | [*] Searching module index for 'shodan'... | |
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | *[recon-ng][default] | ||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | * | ||
| − | + | +------------------------------------------------------------------------------------+ | |
| − | + | | Path | Version | Status | Updated | D | K | | |
| − | + | +------------------------------------------------------------------------------------+ | |
| − | + | | recon/companies-multi/shodan_org | 1.1 | not installed | 2020-07-01 | * | * | | |
| − | + | | recon/domains-hosts/shodan_hostname | 1.1 | not installed | 2020-07-01 | * | * | | |
| − | + | | recon/hosts-ports/shodan_ip | 1.2 | not installed | 2020-07-01 | * | * | | |
| − | + | | recon/locations-pushpins/shodan | 1.1 | not installed | 2020-07-07 | * | * | | |
| − | + | | recon/netblocks-hosts/shodan_net | 1.2 | not installed | 2020-07-21 | * | * | | |
| − | + | +------------------------------------------------------------------------------------+ | |
| − | |||
| − | |||
| − | = | + | D = Has dependencies. See info for details. |
| − | + | K = Requires keys. See info for details. | |
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
Version vom 10. Oktober 2020, 17:38 Uhr
help
- [recon-ng][default] > help
Commands (type [help|?] <topic>): --------------------------------- back Exits the current context dashboard Displays a summary of activity db Interfaces with the workspace's database exit Exits the framework help Displays this menu index Creates a module index (dev only) keys Manages third party resource credentials marketplace Interfaces with the module marketplace modules Interfaces with installed modules options Manages the current context options pdb Starts a Python Debugger session (dev only) script Records and executes command scripts shell Executes shell commands show Shows various framework items snapshots Manages workspace snapshots spool Spools output to a file workspaces Manages workspaces
options list
- [recon-ng][default] > options list
Name Current Value Required Description ---------- ------------- -------- ----------- NAMESERVER 8.8.8.8 yes default nameserver for the resolver mixin PROXY no proxy server (address:port) THREADS 10 yes number of threads (where applicable) TIMEOUT 10 yes socket timeout (seconds) USER-AGENT Recon-ng/v5 yes user-agent string VERBOSITY 1 yes verbosity level (0 = minimal, 1 = verbose, 2 = debug)
market place
- [recon-ng][default] > marketplace refresh
[*] Marketplace index refreshed.
search hackertarge modul
- [*] Searching module index for 'hackertarget'...
+---------------------------------------------------------------------------------+ | Path | Version | Status | Updated | D | K | +---------------------------------------------------------------------------------+ | recon/domains-hosts/hackertarget | 1.0 | not installed | 2019-06-24 | | | +---------------------------------------------------------------------------------+
D = Has dependencies. See info for details. K = Requires keys. See info for details.
install hackertarge modul
- [recon-ng][default] > marketplace install recon/domains-hosts/hackertarget
[*] Module installed: recon/domains-hosts/hackertarget [*] Reloading modules...
load hackertarget modul
- [recon-ng][default] > modules load recon/domains-hosts/hackertarget
info hackertarget modul
- [recon-ng][default][hackertarget] > info
Name: HackerTarget Lookup Author: Michael Henriksen (@michenriksen) Version: 1.0
Description:
Uses the HackerTarget.com API to find host names. Updates the 'hosts' table with the results.
Options:
Name Current Value Required Description ------ ------------- -------- ----------- SOURCE yes source of input (see 'show info' for details)
Source Options:
default SELECT DISTINCT domain FROM domains WHERE domain IS NOT NULL <string> string representing a single input <path> path to a file containing a list of inputs query <sql> database query returning one column of inputs
set source
[recon-ng][default][hackertarget] > set SOURCE suse.de
SOURCE => suse.de
run
- [recon-ng][default][hackertarget] > run
------- SUSE.DE ------- [*] [host] suse.de (130.57.5.70) [*] [host] cc-s390x-kvm1.suse.de (195.135.221.74) [*] [host] smtp1.suse.de (195.135.220.23) [*] [host] director1.suse.de (195.135.220.21) [*] [host] cloud-dev1.suse.de (195.135.221.78) [*] [host] mx1.suse.de (195.135.220.2) [*] [host] mail2.suse.de (195.135.221.8) [*] [host] cc-s390x-kvm2.suse.de (195.135.221.79) [*] [host] smtp2.suse.de (195.135.220.24) [*] [host] director2.suse.de (195.135.220.22) [*] [host] mx2.suse.de (195.135.220.15) [*] [host] cantor3.suse.de (195.135.220.16) [*] [host] mx3.suse.de (143.186.213.3) [*] [host] mx4.suse.de (143.186.213.4) [*] [host] hydra.suse.de (195.135.221.167) [*] [host] opentc.suse.de (195.135.221.137) [*] [host] freeipa-opensuse.suse.de (149.44.161.62) [*] [host] gate.suse.de (195.135.221.12) [*] [host] turing.suse.de (195.135.220.3) [*] [host] storage-ci.suse.de (158.69.69.166) [*] [host] practicum.suse.de (130.57.14.222) [*] [host] imap.suse.de (195.135.220.8) [*] [host] aruba-rap.suse.de (195.135.221.3) [*] [host] ftp.suse.de (195.135.221.132) [*] [host] skylla-router.suse.de (195.135.221.1) [*] [host] soliddriver.suse.de (149.44.170.31) [*] [host] director.suse.de (195.135.220.20) [*] [host] visit.suse.de (195.135.221.17) [*] [host] munin-ext.suse.de (195.135.221.11) [*] [host] charybdis-ext.suse.de (195.135.221.2) [*] [host] relay-ext.suse.de (195.135.221.8)
Add API keys to recon-ng
- [recon-ng][default]> keys add shodan_api xxxxxxxxxxxxxxxxxxxxx
search shodan
- [recon-ng][default] > marketplace search shodan
[*] Searching module index for 'shodan'...
+------------------------------------------------------------------------------------+ | Path | Version | Status | Updated | D | K | +------------------------------------------------------------------------------------+ | recon/companies-multi/shodan_org | 1.1 | not installed | 2020-07-01 | * | * | | recon/domains-hosts/shodan_hostname | 1.1 | not installed | 2020-07-01 | * | * | | recon/hosts-ports/shodan_ip | 1.2 | not installed | 2020-07-01 | * | * | | recon/locations-pushpins/shodan | 1.1 | not installed | 2020-07-07 | * | * | | recon/netblocks-hosts/shodan_net | 1.2 | not installed | 2020-07-21 | * | * | +------------------------------------------------------------------------------------+
D = Has dependencies. See info for details. K = Requires keys. See info for details.